Showing posts with the label security

My New Favorite Toy

Okay, I have a new favorite toy. It's called Engarde Secure Linux. This secured Linux distribution goes beyond the normal SELinux capabilities with a restricted root and true Mandatory Access Controls (remember your CISSP training?). Why do I care? A few years ago I was tasked with building a secure file transfer system that was built on existing tools which a "partner" company could acquire and tie into, and it had to be easily automated. Based on the requirements (and taking a guess at what regulatory requirements were going to pass legislation) I built a system running on a Solaris box that SCPed data to and from partner companies. This data was PGP encrypted (if we were sending it) to the customer's PGP key, or it was received from the partner and automatically decrypted via PGP command line. This posed a few problems. The enterprise version of PGP command line (from Network Associates at that time) required that the passphrase be read from a text file, sto...

Airport Security Part I: Security Lines

Airport security is much maligned in this country. Everyone from the joe standing in the security line wondering why he must throw away his water bottle and take off his shoes to the well-respected security professional who has written tomes on everything from cryptography to hacking has besmirched the process. I must confess that I found myself in this crowd more often than not. As I stood in line sans shoes and liquids I'd glance around at the facility about me and identify a few ways a do-badder could beat the system depending on their funding, patience and goals. Inevitably, I would mentally get whatever items I needed through the screening process with a fair enough likelihood of success that I felt quite comfortable joining the throngs of critics. Then, one day while I was on the road I had an epiphany: "Some of the best minds (don't laugh) have come up with this system. What am I missing?" Therein lay the key question. I had been mentally compromising airp...

Introduction

At one time I thought that I was some weird anomaly, an intelligent person in information technology who was also a devout Christian. In 2005 and 2006 I had the opportunity to visit many companies and get to know the people heading up IT security at some of America's largest and most influential enterprises, and I discovered that many of these security departments were headed by active Christians. Not just "yeah, I believe in God and Jesus seemed kinda cool" Christians, but people who (in their non-existent spare time) are pastors and assistant pastors, youth leaders and praise band members. It's funny, but as much as these "hard core" Christians seem to get slammed in public, when it comes down to Corporate America (or even Governing America) needing to find someone with integrity to head up Information Security, they frequently find themselves choosing men and women of God. This blog (nay, ramble!) is where I can bring together (when appropriate) my t...